Vulnerabilities > Wpwebinfotech

DATE CVE VULNERABILITY TITLE RISK
2024-10-20 CVE-2024-49272 Cross-Site Request Forgery (CSRF) vulnerability in Wpwebinfotech Social Auto Poster
Cross-Site Request Forgery (CSRF) vulnerability in WPWeb Social Auto Poster allows Cross Site Request Forgery.This issue affects Social Auto Poster: from n/a through 5.3.15.
network
low complexity
wpwebinfotech CWE-352
8.8
2024-07-24 CVE-2024-6750 Missing Authorization vulnerability in Wpwebinfotech Social Auto Poster
The Social Auto Poster plugin for WordPress is vulnerable to unauthorized access, modification, and loss of data due to a missing capability check on multiple functions in all versions up to, and including, 5.3.14.
network
low complexity
wpwebinfotech CWE-862
7.5
2024-07-24 CVE-2024-6751 Cross-Site Request Forgery (CSRF) vulnerability in Wpwebinfotech Social Auto Poster
The Social Auto Poster plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 5.3.14.
network
low complexity
wpwebinfotech CWE-352
6.5
2024-07-24 CVE-2024-6752 Cross-site Scripting vulnerability in Wpwebinfotech Social Auto Poster
The Social Auto Poster plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘wp_name’ parameter in the 'wpw_auto_poster_map_wordpress_post_type' AJAX function in all versions up to, and including, 5.3.14 due to insufficient input sanitization and output escaping.
network
low complexity
wpwebinfotech CWE-79
5.4
2024-07-24 CVE-2024-6753 Cross-site Scripting vulnerability in Wpwebinfotech Social Auto Poster
The Social Auto Poster plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘mapTypes’ parameter in the 'wpw_auto_poster_map_wordpress_post_type' AJAX function in all versions up to, and including, 5.3.14 due to insufficient input sanitization and output escaping.
network
low complexity
wpwebinfotech CWE-79
6.1
2024-07-24 CVE-2024-6754 Missing Authorization vulnerability in Wpwebinfotech Social Auto Poster
The Social Auto Poster plugin for WordPress is vulnerable to unauthorized modification of data to a missing capability check on the ‘wpw_auto_poster_update_tweet_template’ function in all versions up to, and including, 5.3.14.
network
low complexity
wpwebinfotech CWE-862
4.3
2024-07-24 CVE-2024-6755 Missing Authorization vulnerability in Wpwebinfotech Social Auto Poster
The Social Auto Poster plugin for WordPress is vulnerable to unauthorized modification and loss of data due to a missing capability check on the ‘wpw_auto_poster_quick_delete_multiple’ function in all versions up to, and including, 5.3.14.
network
low complexity
wpwebinfotech CWE-862
5.3